Chapter 6: Defences

Protective Strategies

THE SUBJECT AT hand is protection of metrical attack-surface(s); with respect to the safe transfer of meaning between individual human beings. Accordingly, we specify how to protect symbolic structure (for datum(s)); and with a view to obtaining unbreakable encryption for datum-copies.

A second goal of this section is to define and classify encryption mechanism(s) for primary-network defence (i.e. locking datum-copies)—by means of logically consistent definitions, analysis and exposition.

Meaning Gateway(s)

The topic at hand is creation of an impenetrable meaning-gateway—or protecting a datum-copy’s metrical attack-surface (or symbolic structure)—whereby the same copy is either—A) at-rest; or B) in-transit.

Wherein we assume that any physical and/or virtual getaways (or protective measures for the copy’s form) may be ineffective and/or could fail. Right away—for a point-to-point communication system connected to an open-network—we acknowledge that a problem exists in terms of message/identity/key: authentication and signification; or making certain that the Identity and Access Management System assigns the same to the correct party.

Placing these matters aside, we find that there are two basic kinds of symbolic encryption:

• Symmetric-Key-Encryption: the encryption and decryption keys are the same. Communicating parties must have the same key before they can achieve secure communication.

• Public-Key-Encryption: the (public) encryption key is published for anyone to use and encrypt messages. However, only the receiving party has access to the (private) decryption key that allows messages to be read.

Entry-Method / Defence-Method

An entry-method is a system access pathway—or series of actions that must be performed by a human, running program and/or helper actor(s)—to access a datum-copy (i.e. a primary, secondary, tertiary-copy). Whereby an entry-method (may) involve traversing several system gateway(s)—before opening up the datum’s inner meaning.

A defence-method is a system access pathway that is inaccessible to unsafe-actor(s). Wherein both the entry-method and defence-method(s) may be protected by locking, blocking and/or concealment techniques. Note that an entry-method plus defence-method— may sometimes be the exact same sub-subsystem (i.e fulfil a dual purpose for any particular access pathway or system entrance method).

Either symmetric/non-symmetric encryption may be used to develop effective cryptographic software—and standards are widely available for employing such techniques (see end notes and bibliography). However successfully using encryption to ensure security may be a challenging problem—and because even a single error in system design or execution can allow successful attacks. Sometimes an adversary can obtain unencrypted information without directly undoing the encryption (see the Trojan Horse/Traffic Analysis hacking method(s) as explained elsewhere).

Overall, we advise caution in terms of reliance on cryptography alone for protecting a datum’s privacy.

SCF 1.0 – InfoGraphic G

Venn Diagram

Cybersecurity System Access Gateways

Source: ‘The Science Of Cybersecurity’ (2017) – by Alan Radley

Protection Of Symbolic Structure

In this section we are concerned with protection of symbolic structure—or meaning—for communicated datum(s); whereby the message is comprised of a specific pattern of symbols. Wherein we ignore the possibility of using icons and indices as signifiers—and because these topics are unusual and/or lie outside of our analysis (e.g. steganography).

Obviously the remaining topic of symbolic cryptography is complex; and any adequate treatment would run to a book-length treatise. How then, you may ask, is it possible in only a few pages to say anything consequential on such a highly technical subject matter? Quite simply, we can identify best practice in terms of logical premises/reasoning/appropriate-conclusions for achieving absolute security; and hence outline effective methods to protect the metrical structure of communicated datum(s).

Ergo, we abide by one (or more) of the following—

CRYPTOGRAPHIC PRINCIPLES

Principle A

Virtual Message Tamper-proofing: The digital signature verification and encryption must be applied to the cipher-text— when it is created—typically on the same primary-network used to compose the message—to avoid tampering (adequate locking—guarantees message integrity).

Principle B

Physical Message Tamper-proofing: Encrypting at the time of creation is only secure if the encryption device itself has not been tampered with (i.e. closed/blocked physical gateway(s) or device-integrity).

Principle G

Environmental Spying: Methods to prevent spying on the primary-network through leaking emanations, including radio or electrical signals and vibration(s) etc.

Protection Of Meaning Gateways – Conclusions

The history of cryptography provides evidence that it is difficult to keep details of a widely used algorithm secret.

Accordingly, only secrecy of the key provides sufficient security—and because a key is often easier to protect (it’s typically a small piece of information) than an encryption algorithm, and easier to change if compromised.

And that’s about it for now; in later Chapters we go on to explore all of the issues raised here; and in terms of attaining logical, holistic, effective and broadly considered (plus scientific) cybersecurity policies.

The Beholder’s Share

(Unbreakable Codes)

THE SUBJECT AT hand is protection of descriptive and selectional attack-surface(s)—with respect to the safe transfer of meaning between individual human beings. Accordingly, we specify how to protect descriptive structure (for datum(s)); and with a view to obtaining absolute security for communicated datum-copy(s).

A second goal of this section is to define and classify coding mechanism(s) for primary-network defence—by means of logically consistent definitions, analysis and exposition.

Protective Techniques

The topic at hand is creation of impenetrable descriptive and selectional gateway(s)—or protecting a datum-copy’s descriptive and selectional attack-surface(s) (i.e. defining language(s) used and/or coding structure(s) employed). Whereby the same copy is either—A) at-rest; or B) in-transit. Wherein we assume that any physical, virtual, plus (symbolic) meaning gateway(s)—may be ineffective and/or could fail.

Once again we are faced with a host of potentially valid techniques in terms of descriptive and selective coding. The large number of such combinations makes for a particularly useful set of protective measures—each with a high level of robustness and immunity to attack.

Whereby the large number and great diversity of potential coding method(s) helps to effectively cloak/ obscure—said attack surface(s); and because an attacker has difficulty guessing which specific protective technique(s) may have been used—leading to significant obstacle(s) for breaking into the coded datum(s).

However there is an important caveat here, in terms of any unbridled optimism with respect to coding methods. That is the susceptibility of all coding/encryption methods to attacks—whereby a spy attempts to deduce information from patterns present in the copy.

We can think of coding as a statistical technique. Ergo for any fairly long message of—for example—english text; if a consistent encryption and/or coding method is employed; then due to the (relatively) small range of letters/words/ phrases present in the english language—it may be possible to use numerical/computationally intensive methods to discover, guess and/or decode the original message.

Limitations of Coding Protection

We can conclude that no coding/encryption method is (by itself) absolutely secure against all possible attack-vectors. Ergo, form based protection is desirable. Previously, we had identified core principles of system design for symbolic cryptography. Here in this Chapter we wish to do the same for coding methods—defined as the generation of descriptive and/or selectional layers for a representation.

Note that we can also use special coding techniques and/or modal methods for protecting symbolic structure—but we normally assign the same to encryption as a topic in-and-of-itself. Right away we shall state that all of the vulnerabilities and principles for effective cryptography apply also to coding methods. The only difference is that coding methods may be superior for eliminating and/or reducing the possibility of an attacker deducing information from well-known and/or repeated patterns (i.e. phrases) present in the communicated datum.

Pattern obfuscation is a central concern in terms of achieving socially secure communication. Basically we are in the domain of statistics—because no matter how clever/intricate and/or obscure the coding or encryption technique—it can often be broken—given sufficient time, effort and resources. Note however, that to break into a protected datum using statistical methods requires that a sufficiently large— homogenous coded-segment—or section of cypher-text/ coded-text sample is available for analysis.

Ergo we wish to avoid: using identical natural-language constructs too-often in a long message; and/or use of the same coding method(s) continually. Plus we wish to avoid sending coded messages with common patterns that may be used to reverse-engineer the coded datum(s). In fact, this is how the German Enigma code was broken; whereby every message contained known words—‘Heil Hitler’—day after day.

How can we mitigate such formidable risks? Quite simply, by using sufficiently obscure and intricate descriptive coding schemes and/or strong encryption methods; plus by using selectional content that varies sufficiently in terms of modal obfuscation.

Rely on the Beholder’s Share—employ covert and obscure methods for interpretation of meaning.

Bigger Brain Versus Stealth

THE SUBJECT AT hand is the building of stealth defences—with respect to the safe transfer of meaning between individual human beings.

Accordingly, we specify aspects of primary-network concealment; with a view to obtaining absolute security for communicated datum(s) [ref.Absolute Security:TARGET and METHOD(S)]. A second goal of this section is to define and classify covert mechanism(s) for primary-network defence—by means of logically consistent definitions, analysis and exposition.

Physical Gateways

In the present section we are concerned with how best to protect form based attack-surface(s); consisting of physical-gateways—media of storage, transfer and access; and virtual-gateways—formatted copies for storage, transfer and access. Patently—a wide range of—defensive techniques are possible—to protect gateway type(s); and because systems of communication are many and varied. Ergo, it is difficult to identify any universally applicable defensive procedures—without precedence.

Nevertheless, we can outline key principles for primary-network concealment—the same being methods that may prove useful to the designer of a system that seeks to provide absolute security.

DEFEND

CONCEAL

Conceal the method(s) of coding within a large range of possible method(s) + vary/overlap method(s); that is protect meaning gateway(s) (i.e. exploit the beholder’s share).

LOCALISE

Localise Identity and Access Management System(s). Do not trust private items to nth-parties.

CONFUSE

Employ nested protective layers (ref. physical/virtual gateways).

Stealth Techniques – Summary

In a nutshell, we wish to reduce gateway: exposure (limit existence in place/time), number(s), visibility and fragility—eliminating/nullifying attack-vectors [Axiom 60].

The title of the present Chapter—Bigger Brain versus Stealth Techniques’—refers to what we regard as best-practice for building an—absolutely secure—point- to-point system for private communication of meaning. Put simply, we believe that it is far better to rely on stealth techniques—in order to block/eliminate/conceal system gateway(s)—than attempt to have a bigger brain than all attackers (i.e use unbreakable locks).

Remember that for a central-server network; the primary, secondary, tertiary copies etc; hang around effectively forever—and are backed-up repeatedly. Undertaking to build an unbreakable encryption defence and/or coding method for such (effectively immortal) copies; may be unrealistic. Ergo, attaining robust meaning gateway(s)—is predicated upon—maintenance of superior intelligence /know-how (perpetually)—and because the defence mechanism(s) must stay (at least) one step ahead of all attacker(s)—now and at all times in the future.

A preferable approach—and one that will prove to be—in all likelihood—far less vulnerable to a data-breach; is to move system gateways—beyond the reach of any attackers. Primary-network concealment can be achieved using fundamental techniques that do not rely on having a bigger brain (so-to-speak). Rather we employ carefully chosen hardware and software tools as described—for example—in the list above.

SCF 1.0 – InfoGraphic F

Privacy And Security Relations

Source: ‘The Science Of Cybersecurity’ (2017) – by Alan Radley

Absolute Security – Conclusions

We can conclude that the techniques of absolute security are not rocket science—but they are a little unusual in that they do require specialist tools; including potentially: Peer-to-Peer (P2P) network design, stealth and depth-defences, well-designed encryption/coding, plus localised—or P2P—user ID/key management system(s), user-owned passwords, secret-keys etc.

Let us now go back to the original purpose of this book. Remember that we had made a distinction between partial/absent and absolute security [ref. Absolute Security: TARGET]. Perhaps for most situations it is fine to have a small degree of additional security provided by a standard encryption method (e.g. using email with a single-layer of encryption). But for those occasions when one has to communicate datum(s) that are of a particularly high value (i.e. be private-by-guarantee)— then we must employ special techniques.

Unfortunately, attaining absolute security is challenging using standard (central-server) tools such as email and file-sharing systems like DropBox, GoogleDrive etc; because— as we have seen—these systems are potentially open to a host of exploits, intercepts and data-breaches. Such problems relate to structural vulnerabilities in terms of network design (i.e. long-term exposure of physical gateways); leaving only virtual and meaning gateway protective techniques.

In summary, attaining absolute security for our digital communication(s)—is a difficult-to-reach—but not impossible goal. Just like the magician, rather than performing any real magic tricks (achieving unbreakable encryption/coding)—we misdirect.

Accordingly, we seek to:

Lock/block/conceal system gateway(s);

Conceal the method(s) of entry/defence (variable aspects) within a large range—of (potential) methods;

Employ depth-defences to confuse/ slow-down an attacker.

In this manner (1+2+3) [named as Axiom 62], we safeguard attack-surface entry-methods.

A VIRTUAL COMMUNITY OF CYBERSECURITY PRACTICE

Founding, building, and nurturing a Cybersecurity Science for everyone. We are a one-stop-shop for learning from—and contributing to—the latest findings and new scientific thinking emerging from the computer security community.

We extend a warm welcome to you, and an open invitation to get involved; no matter what your expertise level; and do contribute ideas, thoughts and experiences for the benefit of all.

SCIENCE OF CYBERSECURITY FRAMEWORK

In order to establish a logically coherent statement of basic theory, and to enable orderly progression of the same; we hereby define the Science Of Cybersecurity Framework (SCF).

Whereby, the SCF comprises all of the fundamental Cybersecurity axioms, principles, concepts, events and processes etc. The upshot is a complete characterisation of the entire subject matter of Information Security.

The purpose of the SCF is not to list, in an exhaustive fashion, every possible instance of a Cybersecurity failure/vulnerability and/or protective measure; but rather to define all of the logical elements that could possibly comprise the same. In other words, the SCF seeks to identify all of the universals of Cybersecurity, in the belief that any particulars will naturally follow.

WE NEED YOU!

Obviously development of a new science—is not the job of one person alone; but rather science can only arise, evolve and progress through consensus; and by the power of multiple brains.

Consequently, we invite members of the Cybersecurity community to get involved and contribute to this effort.

The Science of Cybersecurity – by Alan Radley (2017). Free digital edition is here, and the printed edition is on Amazon here.

Sample Reviews

Excellent read! Succinct and accurate on a subject that normally wanders into tangential discussions confusing and diffusing the goal… Radley breaks down today’s hottest topic in a way that provides reference to students as well as guidance to the more learned… I found it spot on and a fine addition to the body of work on cyber-security but specifically to the discussion of privacy within communications… I see this as a reference document for students studying cyber security as well as an excellent read for CTOs, CSOs, CISOs, and CEOs laboring over how to analyze their needs for increased security… allows you to hit the highlights or dive deeper into the subject with your many charts, diagrams, and glossary of terms.

Will no doubt be recognized as one of the seminal works on security, establishing definitions and clarity where others have dealt with assumptions… it is not very often that one is exposed to a work that is truly ground breaking in a field, but this is one of those works. Rather than expounding on the implementation of security as many do, Dr. Alan Radley astutely asks (and then suggests an answer for) the rather naive, yet deceptively complex question “What is security?”, or more precisely “How does one characterize a communication system for secure data transfer?” As Dr. Radley examines this question, the reader becomes aware that the answer is much more elusive than one first assumes.

As Dr. Radley builds a working compendium of definitions needed to examine the issue, the reader becomes more and more aware that the current vernacular is insufficient for discussing secure communication at a philosophical level, and if we cannot agree on what it means to be secure or private in thought, how can we accomplish it in act? It is here, laying the foundation of formal definition of socially secure communication, that Dr. Radley’s work is groundbreaking and will no doubt be referenced by many works to come.

As cyber education evolves to meet the pace of change in our digital world so does the need for good reference books.. a timely and spot on publication that I shall be recommending to my students; well done Dr Radley.

Professor Richard Benham – National Cyber Skills Centre, UK.

An excellent read and would definitely recommend this to our AISA members as a way to get a different perspective on security.

In a world full of privacy breaches, Radley timely develops a framework that delves into complexity of technical and human-centric factors that affect our perception of privacy and cybersecurity. I recommend this book to everyone who is interested in making our cyber world more secure.

Vitali Kremez (6/2/2016) – CyberCrime Investigative Analyst.

The book provides the reader with an accurate and objective view of the life-cycle of the exposures and vulnerabilities which are associated with the technological shadow cast over all individuals, and organisations. This is a unique piece of work… an excellent read, and deserves a place on every security professional’s bookshelf who is seeking a balanced and objective view of the current, and futuristic Cyber Security Landscape.

Professor John Walker – Nottingham Trent University.

Alan Radley makes sense of the complexities which ordinarily restrict this topic to IT people only… required reading for anyone focused on secure and private communication… What’s more, Alan’s no-nonsense approach and fearless honesty, is refreshing. I recommend this to those interested in making certain that their communication is more private, secure and resilient.

Bill Montgomery – CEO – Connect In Private.

A brilliant book! Did it make me wiser? Yes…

Pantazis Kourtis – Member of the Board of Directors at London Chapter at ISACA.

I commend this book to a wide readership. Well done Sir, more please.

Tony Collings OBE -Chairman – The ECA Group.

A very concise body of work, that belies its length for the practical application of useful data in a highly complex area… should be required reading for anyone providing third party services whereby their security claims cannot be held up without transparency. Ignore this work at your peril.

Christian Rogan – Vice President, Royal Holloway Enterprise Centre.

I highly recommend this book for individuals interested in understanding the challenges facing the security and information assurance specialist. Dr. Radley’s direct approach provides an excellent read and can enable valuable insights into an extremely complex topic such as security.

What Kind Of A Science Is Cybersecurity?

Cybersecurity is impossible to develop as a logical subject of study—without first establishing an observational science that identifies what we are dealing with in the first place.

Ergo, we become able to know what kinds of phenomena to look for, measure, model and control. Thus we define a set of Absolute Security metrics—and accordingly fully prescribe the various classes/types of Cybersecurity vulnerabilities—plus evolve truly effective countermeasures… >>

Avoid Hacking And data-Breaches With KeyMail

‘Cloud’ copies are highly vulnerable to hacking; largely because they will be around for a very long time—possibly forever—and as a result may be subject to innumerable future hacking attacks.

For Absolute Security in interpersonal communications, the KeyMail file-transfer protocol eliminates ‘cloud’ copies altogether; whereby client data transfers directly between devices. We call this Single-Copy-Send—and the upshot is that there are no vulnerable ‘third-party’ copies to attack, and hence no hacking risks… >>